SharePoint Developer Center >
SharePoint Products and Technologies Forums
>
SharePoint - Development and Programming
>
SharePoint as Authentication source for ASP.NET web applications
SharePoint as Authentication source for ASP.NET web applications
- Hi All,
We have a medium sized SharePoint farm that is hosted by Microsoft Online(the hosting side of MS). The authentication is handled by an AD running in hosting env. We are trying to build different web applications and for applications that cannot be built on MOSS, we wanted to host them outside of MOSS, on a seperate webfarm. We are trying to implement authentication for the ASP.NET webapplications. The scenario is: The user wants to log-in to the sharepoint site and click on a link that takes to an ASP.NET site without having to login again or atleast use the same login information. Since SharePoint farm is hosted on a different domain we don't have access to it. The ASP.NET Webfarm is hosted internally on another domain, and we cannot create a trust between them. Is there any mechanism in MOSS that would make this authentication possible. I looked at the MOSS webservices but I couldn't find any that would let the users authenticate to a site. If only we have our web farm hosted on the same domain as sharepoint farm, but that would be too simple :-). Any pointers?
Answers
- Sounds like what you actually want to do is use the MS Online hosted AD as your authentication source rather than SharePoint? (So that users who currently have access to Sharepoint via the hosted AD will also have access to your other webapps). That being the case, I don't think it's possible since your webfarm is on a separate domain and as you say you'd need to create a trust relationship with the MS Online domain and I don't think that's allowed.
You could pick up the sharepoint username in your webapps and make use of that but it's not secure at all. It would only really be useful for basic personalisation or whatever. I suppose another possibility would be to create a webservice in SharePoint that returned some kind of security token, you could then use that token in your asp.net applications as confirmation that your user was authenticated by SharePoint (since they'll need to login to call the webservice). Thats a bit like the way OpenId works.
Ch. - My Blog- Marked As Answer byCharlie WuModeratorThursday, November 12, 2009 1:30 AM
All Replies
- Sounds like what you actually want to do is use the MS Online hosted AD as your authentication source rather than SharePoint? (So that users who currently have access to Sharepoint via the hosted AD will also have access to your other webapps). That being the case, I don't think it's possible since your webfarm is on a separate domain and as you say you'd need to create a trust relationship with the MS Online domain and I don't think that's allowed.
You could pick up the sharepoint username in your webapps and make use of that but it's not secure at all. It would only really be useful for basic personalisation or whatever. I suppose another possibility would be to create a webservice in SharePoint that returned some kind of security token, you could then use that token in your asp.net applications as confirmation that your user was authenticated by SharePoint (since they'll need to login to call the webservice). Thats a bit like the way OpenId works.
Ch. - My Blog- Marked As Answer byCharlie WuModeratorThursday, November 12, 2009 1:30 AM
